Vulnerability Identifier(s): CVE-2020-1938 (aka CNVD-2020-10487)
Type of Vulnerability: CWE-20 / Improper Input Validation leading to Local File Inclusion.
CVSS 3.1 Score: 9.8
CVSS 3.1 Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
as present in Maven Central
Vulnerable version ranges:
( , 7.0.100)
The Nitty Gritty and Attack Mechanics
Dubbed CVE-2020-1938, CNVD-2020-10487 and informally “Ghostcat,” the vulnerability occurs due to AJP protocol support in Tomcat being enabled by default.
As is standard practice, most web server programs provide for a variety of protocols to be supported and make this possible by keeping several ports open by default, and by constantly “listening” (Read more…)
*** This is a Security Bloggers Network syndicated blog from Sonatype Blog authored by Akshay ‘Ax’ Sharma. Read the original post at: https://blog.sonatype.com/nexus-intelligence-insights-whats-in-a-ghostcat-cve-2020-1938-apache-tomcat